English Wikipedia:Aanval
Aanval is a commercial SIEM product designed specifically for use with Snort, Suricata, and Syslog data.[1] Aanval has been in active development since 2003 and remains one of the longest-running Snort-capable SIEM products in the industry.[citation needed] Aanval is Dutch for "attack".[2]
History
Aanval was created by Loyal Moses in 2003 but was not made publicly available until March 2004, when it was released under the private commercial license C1-RA1008.[3] Throughout the lifecycle of the software it has also been referred to as OpenAanval[4] or ComAanval in addition to Aanval.
Aanval had provided AJAX-style security event monitoring and reporting from a web browser. Since its creation, it has developed into an intrusion detection, correlation and threat management console with a specific focus on normalizing Snort, Suricata, and Syslog data.[citation needed]
Several information-security books that include details and references to Aanval have been published, including "Linux Server Security, Second Edition"[5] by O'Reilly Media, "Security Log Management"[6] by O'Reilly Media, "Snort: IDS and IPS Toolkit"[7] by O'Reilly Media and, in 2010, "Unix and Linux System Administration Handbook, Fourth Edition"[8] by O'Reilly Media.
See also
- Snort
- Intrusion detection system (IDS)
- Intrusion prevention system (IPS)
- Network intrusion detection system (NIDS)
- Sguil
References
1. Aanval - Snort & Syslog Intrusion Detection, Correlation and Threat Management
2. aanval – Wiktionary
3. Template:Cite web
4. Template:Cite web
5. Linux Server Security, Second Edition: Safari Books Online
6. Security Log Management: Safari Books Online
7. Snort: IDS and IPS Toolkit: Safari Books Online
8. Unix and Linux System Administration Handbook, Fourth Edition: Safari Books Online